Attackers are still actively exploiting Log4Shell everywhere they can, from criminal hackers looking for a way into targets’ systems to Chinese and Iranian state-backed attackers deploying the exploit in their espionage campaigns.